A consumer watchdog group has recommended security measures for anyone who may be affected by the recent theft of sensitive data from a Washington State University research center.
The university announced this month that a hard drive containing names, Social Security numbers and personal health information on roughly 1 million people had been stolen from a rented storage unit in downtown Olympia in April. The drive was in a small, locked safe.
In a statement Thursday, the Washington Public Interest Research Group, known as WashPIRG, urged victims of the burglary to place security freezes on their credit reports, to stop others from opening new lines of credit.
WashPIRG also warned victims to be extra cautious of so-called “phishing” scams, in which identity thieves may try to obtain additional information through emails and phone calls. The group said such attacks occur more frequently after “widely publicized” data thefts like the one in Olympia.
“Do not click on email links,” the group said. “Do not give personal information on phone calls you do not initiate, including those purportedly from your bank.”
WSU’s vice president for marketing and communication, Phil Weiler, said Thursday that some of the files on the hard drive were password-protected, some were encrypted and others were unprotected.
The drive was stored in the rented locker as a backup for researchers. The facility is a few blocks from the Olympia office of WSU’s Social and Economic Sciences Research Center, which acquired the data from public and private entities, including school districts and community colleges.
Weiler said he could not immediately provide a comprehensive list of the entities that contributed to the information on the hard drive. He noted that the research center has hundreds of clients and the data was stored in several formats.
He said the university has contracted with Garden City Group, a major legal services firm, to send letters to all of the roughly 1 million people who may be affected by the burglary. Each letter should explain which types of personal information were compromised in the burglary.
The firm also is running a call center to answer questions about the breach. Those who believe they may be affected can call (866) 523-9195 on weekdays between 8 a.m. and 6 p.m. PDT.
WSU also is offering a year of free credit monitoring and identity-theft protection services to victims.
Subscribe to the Morning Review newsletter
Get the day’s top headlines delivered to your inbox every morning by subscribing to our newsletter